华为FusionCube 500-8.2.0SPC100 实施部署文档

环境:

  • 产品:FusionCube 500
  • 版本:8.2.0.SPC100
  • 场景:虚拟化基础设施
  • 平台:FusionCompute
  • 两节点 MCNA * 2
  • 硬件部署(塔式交付场景)
  • 免交换组网(配置AR卡)

前置准备

组网规划

节点说明

连接信号线缆(GPU模组场景)

软件清单

地址规划

默认参数

AR卡配置

两张AR卡除管理地址外,其他相同配置

bash 复制代码
sysname AR-10
#
 drop illegal-mac alarm
#
ipv6
#
vlan batch 4050
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name dot1xmac_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name multi_authen_profile
authentication-profile name portal_authen_profile
#
dhcp enable
#
radius-server template default
#
pki realm default
 certificate-check none
#
ssl policy default_policy type server     
 pki-realm default
 version tls1.2 
 ciphersuite rsa_aes_128_sha256 rsa_aes_256_sha256 ecdhe_rsa_aes128_gcm_sha256 ecdhe_rsa_aes256_gcm_sha384 
#
acl name firewall 3001  
 rule 99 permit icmp 
 rule 100 permit ip 
#
ike proposal default
 encryption-algorithm aes-256 aes-192 aes-128 
 dh group14 
 authentication-algorithm sha2-512 sha2-384 sha2-256 
 authentication-method pre-share
 integrity-algorithm hmac-sha2-256 
 prf hmac-sha2-256 
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
aaa
 authentication-scheme default
  authentication-mode local
 authentication-scheme radius             
  authentication-mode radius
 authorization-scheme default
  authorization-mode local
 accounting-scheme default
  accounting-mode none
 local-aaa-user password policy administrator
  password history record number 0
  password alert before-expire 90
  password expire 365
 domain default
  authentication-scheme default
  accounting-scheme default
  radius-server default
 domain default_admin
  authentication-scheme default
  accounting-scheme default
 local-user admin password irreversible-cipher $1a$Lu<k"V],m@$3WD#6hoY{/F<|%GG:}M0x\uVUripT!J0PjIf&kr&$
 local-user admin privilege level 15
 local-user admin ftp-directory flash:
 local-user admin service-type terminal ssh ftp http
 local-user administrator password irreversible-cipher $1a$gPNq!<&#%,${\=7'vc"bX`O_nHhsO{V+oqnVNK.-AWK%kTqh07>$
 local-user administrator privilege level 15
 local-user administrator ftp-directory flash:
 local-user administrator service-type terminal ssh ftp http
#
web
 set fast-configuration state disable
#
firewall zone untrust
 priority 1
#
firewall zone trust
 priority 15
#
firewall zone Local
#
firewall interzone trust untrust
 firewall enable
 packet-filter 3001 inbound
#
mi-server
#
interface Vlanif1
 ipv6 enable
 ip address 192.168.40.25 255.255.254.0
 ipv6 address auto link-local
 ipv6 address auto global
 zone trust                               
#
interface Eth-Trunk1
 port hybrid tagged vlan 1 to 4094
#
interface GigabitEthernet0/0/0
 port hybrid tagged vlan 4050
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
 combo-port fiber
 eth-trunk 1
#
interface GigabitEthernet0/0/3
 combo-port fiber
 eth-trunk 1
#
interface GigabitEthernet0/0/4
 description WAN
 zone untrust
#
interface GigabitEthernet0/0/5
 shutdown
#                                         
interface GigabitEthernet0/0/6
 stp edged-port enable
 undo negotiation auto
#
interface GigabitEthernet0/0/7
 stp edged-port enable
 undo negotiation auto
#
interface GigabitEthernet0/0/8
 stp edged-port enable
 undo negotiation auto
#
interface GigabitEthernet0/0/9
 stp edged-port enable
 undo negotiation auto
#
interface GigabitEthernet0/0/10
 description VirtualPort
 ipv6 enable
 ipv6 address auto link-local
 ipv6 address auto global default
 ip address dhcp-alloc
 ipv6 address auto dhcp
#                                         
interface XGigabitEthernet0/0/0
 port hybrid tagged vlan 4050
 stp edged-port enable
#
interface XGigabitEthernet0/0/1
 port hybrid tagged vlan 4050
 stp edged-port enable
#
interface XGigabitEthernet0/0/2
 port hybrid tagged vlan 4050
 stp edged-port enable
#
interface XGigabitEthernet0/0/3
 port hybrid tagged vlan 4050
 stp edged-port enable
#
interface NULL0
#
cellular profile default
 modem auto-recovery dial action modem-reboot fail-times 128
 modem auto-recovery icmp-unreachable action modem-reboot
 modem auto-recovery services-unavailable action modem-reboot test-times 0 interval 3600
#
undo icmp name timestamp-request receive  
#
 snmp-agent local-engineid 800007DB03509A887F2262
 snmp-agent group v3 huawei_group privacy write-view Huawei_view notify-view Huawei_view
 snmp-agent target-host trap-hostname aaa address 192.168.40.10 udp-port 10162 trap-paramsname abc
 snmp-agent target-host trap-paramsname abc v3 securityname %^%#,UVE+tGAE0pDz+;[6c>0"e8k*}_4BS<H3MIpdAz4%^%# privacy
 snmp-agent mib-view Huawei_view include iso 
 snmp-agent usm-user v3 fc2mgmt
 snmp-agent usm-user v3 fc2mgmt group huawei_group
 snmp-agent usm-user v3 fc2mgmt authentication-mode sha2-256 %^%#Q#%}.1YsO57/0U"IZ,PKiTUD17H^AP82TcSxtjjC%^%#
 snmp-agent usm-user v3 fc2mgmt privacy-mode aes128 %^%#z[0uH3DW;:0DhMLY!xo<fc\"(mbR,AT;p5Sy>t&A%^%#
 snmp-agent trap source Vlanif1
 snmp-agent trap enable
 snmp-agent extend error-code enable
 snmp-agent permit interface all
 snmp-agent 
#
 ssh user admin authentication-type password
 ssh user administrator authentication-type password
 ssh server compatible-ssh1x enable
 sftp server enable 
Nov 18 2024 09:44:55+00:00 AR-10 IFNET/1/IF_LINKUP:OID 1.3.6.1.6.3.1.1.5.4 Interface 15 turned into UP state.(AdminStatus=1,OperStatus=1,InterfaceName=XGigabitEthernet0/0/2) 
 stelnet server enable 
 ssh server permit interface all
#                                         
ip route-static 0.0.0.0 0.0.0.0 192.168.40.7
#
fib regularly-refresh disable
#
user-interface con 0
 authentication-mode aaa
user-interface vty 0 4
 authentication-mode aaa
 user privilege level 15
#
wlan ac
 traffic-profile name default
 security-profile name default
 security-profile name default-wds
  security wpa2 psk pass-phrase %^%#Nc-s~'BUv6\PFy58UJ!G5#MJ1^iY.OKSC)ZhF@HD%^%# aes
 ssid-profile name default
 vap-profile name default
 wds-profile name default
 regulatory-domain-profile name default
 air-scan-profile name default
 rrm-profile name default
 radio-2g-profile name default
 radio-5g-profile name default
 wids-spoof-profile name default
 wids-profile name default                
 ap-system-profile name default
 port-link-profile name default
 wired-port-profile name default
 ap-group name default
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
voice 
 #
 enterprise default
 #
 diagnose
#
ops
#
autostart
#
secelog
#
 ms-channel 
 #                                         
return

检查iBMC的fc2mgm用户

检查节点BMC管理是否存在用户"fc2mgmt",如果没有需要给节点BMC添加用户"fc2mgmt"

升级节点固件

升级节点固件,包括但不限于BIOS、CPLD、iBMC到指定版本

安装

FCB 需配置和iBMC同网段地址
修改FCB WebUI超时时间

使用浏览器登录https://<fusioncube_builder_IP>:8443,输入用户admin和密码,登录部署工具界面。
选择安装场景和虚拟化平台类型,使用默认"FusionSphere",点击下一步

选择自动发现,并输入fc2mgmt用户密码

开始扫描发现节点

配置网络:(使用管理平面和BMC平面合并部署)

检验参数配置

上传软件并校验

校验通过后开始安装

安装软件环境

上一步校验完成后,提示是否开始安装,点击"确定"开始安装

2节点同时安装

软件安装完成,点击"完成"按钮

显示安装成功

安装完成后,此时FusionCompute平台已经可以登录管理。

初始化FusionCube Vision

使用浏览器登录FusionCube Vision管理浮动IP,输入用户名密码admin\公共密码(即fc2mgmt密码)

点击"初始化"按钮

输入公共密码

添加证书 (安装手册下载证书并上传)

信任主机

网络初始化

设置数据冗余策略2副本

校验配置参数

校验配置参数,完成后点击"初始化"按钮

初始化完成,点击"确定"按钮

修改密码

勾选"使用相同的密码"

点击"确定"完成初始化。

相关推荐
枫叶丹41 小时前
【HarmonyOS之旅】HarmonyOS开发基础知识(三)
华为od·华为·华为云·harmonyos
SoraLuna6 小时前
「Mac畅玩鸿蒙与硬件47」UI互动应用篇24 - 虚拟音乐控制台
开发语言·macos·ui·华为·harmonyos
AORO_BEIDOU10 小时前
单北斗+鸿蒙系统+国产芯片,遨游防爆手机自主可控“三保险”
华为·智能手机·harmonyos
博览鸿蒙11 小时前
鸿蒙操作系统(HarmonyOS)的应用开发入门
华为·harmonyos
Damon小智18 小时前
HarmonyOS NEXT 技术实践-基于基础视觉服务的多目标识别
华为·harmonyos
匹马夕阳21 小时前
华为笔记本之糟糕的体验
华为·笔记本电脑
egekm_sefg21 小时前
华为、华三交换机纯Web下如何创关键VLANIF、操作STP参数
网络·华为
岳不谢1 天前
华为DHCP高级配置学习笔记
网络·笔记·网络协议·学习·华为
爱笑的眼睛111 天前
uniapp 极速上手鸿蒙开发
华为·uni-app·harmonyos
K.P2 天前
鸿蒙元服务从0到上架【第三篇】(第二招有捷径)
华为·harmonyos·鸿蒙系统